<?php
if(!defined('IN_GAME')) exit('Access Denied');

db::init();

if(isset($_POST['scgy_studentnumber'])){
	if(!isset($_POST['scgy_loginname']) || $_POST['scgy_loginname'] == ''){
			echo '<script>alert(\'登录名称不能为空！\');</script>';
	}elseif(strlen($_POST['scgy_loginname']) > 100){
			echo '<script>alert(\'登录名称不能太长！\');</script>';
	}elseif(!isset($_POST['scgy_studentnumber']) || $_POST['scgy_studentnumber'] == ''){
			echo '<script>alert(\'学号不能为空！\');</script>';
	}elseif(!isset($_POST['scgy_password']) || strlen($_POST['scgy_password']) < 4 || strlen($_POST['scgy_password']) > 16){
			echo '<script>alert(\'密码必须介于4与16位之间！\');</script>';
	}elseif($_POST['scgy_password'] != $_POST['scgy_password2']){
			echo '<script>alert(\'两次密码输入不一致！\');</script>';
	}elseif(!isset($_POST['scgy_name']) || $_POST['scgy_name'] == ''){
			echo '<script>alert(\'请输入姓名！\');</script>';
	}elseif(!isset($_POST['scgy_phone']) || $_POST['scgy_phone'] == ''){
			echo '<script>alert(\'请输入电话号码！\');</script>';
	}elseif(!isset($_POST['scgy_email']) || $_POST['scgy_email'] == ''){
			echo '<script>alert(\'请输入邮箱地址！\');</script>';
	}elseif(substr($_POST['scgy_email'], -17, 17) != '@mail.ustc.edu.cn'){
			echo '<script>alert(\'请输入有效的科大邮箱地址！\');</script>';
	}elseif(!isset($_POST['scgy_qq']) || $_POST['scgy_qq'] == ''){
			echo '<script>alert(\'请输入QQ号码！\');</script>';
	}else{
		/*
		* IP Address Check
		*/
		$check = 0;
		$IP = addslashes($_SERVER['REMOTE_ADDR']);
		$record = db::fetch_first("SELECT * FROM hgame_iplist WHERE ip = '%s'", $IP);
		if(!$record){
			db::query("INSERT INTO hgame_iplist SET timestamp=%d, ip='%s'", TIMESTAMP, $IP);
		}elseif(TIMESTAMP - $record['timestamp'] > 21600){
			db::query("UPDATE hgame_iplist SET timestamp=%d WHERE ip='%s'", $IP);
		}else{
			echo '<script>alert(\'同一个IP地址在 6 小时内只能注册一次！\');</script>';
			$check = 1;
		}
		
		$loginname = addslashes($_POST['scgy_loginname']);
		$password = sha1('cjI13F9'.sha1("a15HGNA-68GJ" . substr(sha1($_POST['scgy_password']), 8) . "QWBJIbv15zHGNA-68GJ"));
		$studentnumber = addslashes($_POST['scgy_studentnumber']);
		$name = addslashes($_POST['scgy_name']);
		$phone = addslashes($_POST['scgy_name']);
		$email = addslashes($_POST['scgy_email']);
		$qq = addslashes($_POST['scgy_qq']);

		if(!$check){
			$query = db::fetch_first("SELECT * FROM hgame_user WHERE loginname='%s'", $loginname);
			if($query){
				echo '<script>alert(\'该登录名称已经被他人使用！\');</script>';
				$check = 1;
			}
		}
		
		if(!$check){
			$query = db::query("INSERT INTO hgame_user SET loginname='%s', password='%s', studentnumber='%s', name='%s', phone='%s', email='%s', qq='%s', progress=1", 
			$loginname, $password, $studentnumber, $name, $phone, $email, $qq);
			
			$progress = 1;
		}
	}
}
?>
